ML Model Repositories: The Next Big Supply Chain Attack Target

March 18, 2024 at 06:15PM

Machine-learning model platforms such as Hugging Face are exposed to the same kinds of supply-chain attacks that threat actors have been carrying out successfully against npm, PyPI, and other open-source package repositories for years.